M
mike@nimble
Guest
The ability to deploy, undeploy and change deployment properties of decision services should not be available to all web console user accounts. For example, a web console user account with Read-only access should only be able to login and view console pages, and should not also be able to make/modify decision service deployments, connect to other server instances, create applications, or otherwise change anything. Old server web console (JSPs within axis.war) had a few roles with which user access could be limited or controlled. Without role-based control, access to web console becomes so sensitive that, in real-world deployments, either corticon.war is not deployed at all, or it's so tightly controlled that the great information it contains isn't available to those who could benefit from it.
Continue reading...
Continue reading...